LIB-TRAP: Standard Cell Library Hardware Trojan Risk Assessment and Prevention

📅 2026-07-01
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses a novel threat in the fabless semiconductor model, wherein standard cell libraries themselves are exploited as potential attack vectors for hardware Trojan (HT) insertion. We propose a new threat model in which a malicious foundry activates dormant Trojan cells during manufacturing, thereby evading detection at the design stage. Leveraging both open-source and industrial-grade EDA tools, we construct compromised cell libraries for Saed32nm and Sky130nm technologies capable of embedding arbitrary HTs, and demonstrate their feasibility on real-world circuits such as AES-128 and an Ethernet controller. Experimental results show that circuits synthesized with the infected libraries exhibit negligible deviations from clean counterparts in critical metrics—including area, cell count, and power consumption—rendering them indistinguishable to conventional design-time verification techniques and underscoring the stealth and practicality of this attack.
📝 Abstract
Vulnerabilities inherent to the fabless semiconductor manufacturing model have significantly increased the risk of malicious Hardware Trojan (HT) insertion, posing severe threats to hardware security. Several HT mitigation and detection strategies have been developed, and existing works explore the insertion of HTs in the space between standard cells in an integrated circuit. However, there is a lack of research into the vulnerabilities posed by the building blocks of most digital designs on the market today, the standard cells. This work investigates a novel threat model in which standard cells are considered untrusted. Our proposed threat model provides the design house with a tampered standard cell library. The intended netlist is synthesized and implemented using the tampered library. During fabrication, a nefarious foundry replaces the library's deactivated HT cells with activated counterparts. Using open-source and industry-standard Electronic Design Automation (EDA) tools, existing standard cell libraries, Saed32nm and Sky130nm, are converted into malicious libraries capable of masking the presence of arbitrary HTs from IC designers. The malicious library is then applied and characterized in multiple standard benchmark designs. To demonstrate the efficacy and stealthiness of this standard cell-based attack vector, three benchmark circuits, an AES-128 encryption core, an Ethernet controller, and a WISHBONE DMA engine, were synthesized using both clean and Trojan-infected libraries across Synopsys 32nm and SkyWater 130nm technologies. Design-level features, including total cell count, total area, dynamic power consumption, and static power, were extracted from these synthesized circuits to serve as inputs for binary classification
Problem

Research questions and friction points this paper is trying to address.

Hardware Trojan
Standard Cell Library
Hardware Security
Fabless Manufacturing
IC Design
Innovation

Methods, ideas, or system contributions that make the work stand out.

Hardware Trojan
Standard Cell Library
Threat Model
EDA Tools
Supply Chain Security
🔎 Similar Papers
No similar papers found.